Juniper JunosE Malformed ICMP Remote DoS (JSA10651)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

According to its version, the remote Juniper E-Series device is
potentially affected by a denial of service vulnerability. This issue
is caused by improper processing of malformed ICMP packets into the
log format for 'icmpTraffic' logging when 'DEBUG' severity is
selected.

Note that devices with logging severities below 'DEBUG' are not
affected.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10651

Solution :

Upgrade to JunosE version 13.3.3p0-1 / 14.3.2 / 15.1.0 or later.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 78422 ()

Bugtraq ID: 70368

CVE ID: CVE-2014-6377

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now